I have faced on issues read only permission to assign to user in server level. how to set select permission and access  in all database in the instance 

Please help me

Hi, I am currently investigating a requirement from my client to implement fine grained SSAS security roles, as I have 10 cubes which are currently bound to global Active Directory Groups.

For example, current AD groups are

BI_Sales, BI_Orders, BI_Inventory (and so on). These are bound to SSAS cubes (Sales, Orders, Inventory), with each group holding data at the global level (across around 10 countries).

I now need to implement security by country and business vertical, and I have dimensions set up for these, and am coding a Users dimension also.

However, I am concerned with the sustainability of the security model, as we currently have 10 countries and 7 verticals. If this grows, then there will be a sharp increase in the number of AD groups. I am concerned that the sheer number of AD groups that an individual user could be allocated to, will potentially slow down user access to the network, or at best provide a headache for the DBA who would need to support the security model in future.

I am looking for any ideas that can improve the flexibility and sustainability of the model, if any one has experienced this type of architecture please let me know !

Thanks in advance, David

Is there a way to script the database role including securables?

Thanks

Samuel Hagopian

I have SQL 2016 on a classic Azure VM (new install from image).  I followed the steps here to setup TDE with Azure Key Vault.

https://docs.microsoft.com/en-us/azure/virtual-machines/virtual-machines-windows-classic-ps-sql-keyvault 

When I get to the last step to create an encryption key on the database, I get this error.  

Msg 15209, Level 16, State 27
An error occurred during encryption.

There are no error logs in the Windows/Application event logs.  So I have no idea what is wrong.  Google/Bing returned very little help on this error message.  I tried to redo everything from the beginning and got the exact same error.

running SQLServer 2012.  We have an AD group and we want to give this AD group READ permissions to a database.   The users in this AD group change so we don't want to have to add users all the time.   

is this possible and if so how?

mqh7

I'm trying to use the Always Encrypted feature of MSSQL 2016 with .NET Core and seems like it can not be used (yet). Trying to import the Microsoft.SqlServer.Management.AlwaysEncrypted.AzureKeyVaultProvider from Nuget, I get an error stating it is not compatible:

Package Microsoft.SqlServer.Management.AlwaysEncrypted.AzureKeyVaultProvider 1.0.201501028 is not compatible with netstandard1.6 (.NETStandard,Version=v1.6)

Any ideas on how/where to get a compatible version?

Doing this:

CREATEDATABASE SCOPED CREDENTIAL testWITHIDENTITY='XXXX\XXXXXX',
SECRET ='superpass';CREATE EXTERNAL DATA SOURCE testWITH(
    TYPE=RDBMS,
    LOCATION='XX.XX.XX.XX',
    DATABASE_NAME='test',
    CREDENTIAL=test);CREATE EXTERNAL TABLE[dbo].[te]([id][smallint]NOTNULL,[dd][smallint]NOTNULL)WITH( DATA_SOURCE = test)

then, try to select from dbo.te:

select*from dbo.te

Got Error retrieving data from one or more shards. The underlying error message received was: 'A connection was successfully established with the server, but then an error occurred during the login process. (provider: SSL Provider, error: 0 - The certificate chain was issued by an authority that is not trusted.)'.

what i can do? )

Hello

I am trying to grant a user permission to create and run her own job in SQL. I have granted the user 'SQL Agent Operator Role' which lets her create the job. But when she executes the job, it fails with the below error message:

She is able to execute the job is the job owner is changed to 'sa'. But the user does not have the permissions to switch the job owner to 'sa', because changing job ownership requires sa privileges. How can I have the user execute the job without getting the above error message?

Thanks

My server is failing to install update KB3194716. I am getting an error code 86430003 from windows update. Server is Windows Server 2012 R2. Windows update is consistently failing to apply this, my update history is a list of these updates with a status of 'cancelled'.

A search for this error code brings up nothing. Anyone know what it means? Or how I go about fixing this?

We would like to implement the Encryption for database and corresponding objects .

Could you please advice me which is best and advantages and disadvantages 

Hi,

we are facing an issue in our server audit audit log hits with below events unexpectedly its around 20000 per day, only change we did in our server was adding a columnstore index, and  we cannot delete or stop telemetry_xevents it creates and starts automatically from server and starts logging this events please help us to resolve this issue

our audit spec contains

(DATABASE_ROLE_MEMBER_CHANGE_GROUP),
(FAILED_DATABASE_AUTHENTICATION_GROUP),
(DATABASE_OBJECT_PERMISSION_CHANGE_GROUP),
(SCHEMA_OBJECT_PERMISSION_CHANGE_GROUP),
(SERVER_OBJECT_PERMISSION_CHANGE_GROUP),
(SERVER_PERMISSION_CHANGE_GROUP),
(DATABASE_CHANGE_GROUP),
(SERVER_OBJECT_CHANGE_GROUP),
(DATABASE_OBJECT_OWNERSHIP_CHANGE_GROUP),
(SCHEMA_OBJECT_OWNERSHIP_CHANGE_GROUP),
(SERVER_OBJECT_OWNERSHIP_CHANGE_GROUP)

Audit log taken from sys.fn_get_audit_file

object_name                    statement
telemetry_xevents    drop event session telemetry_xevents on server    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[error_reported]  (  WHERE severity >= 16 or (error_number = 18456     or error_number = 17803 or error_number = 701 or error_number = 802 or error_number = 8645 or error_number = 8651      or error_number = 8657 or error_number = 8902 or error_number = 41354 or error_number = 41355 or error_number = 41367      or error_number = 41384 or error_number = 41336 or error_number = 41309 or error_number = 41312 or error_number = 41313)  )    
    create event session telemetry_xevents on server  ADD EVENT [sqlserver].[server_start_stop]  add target package0.ring_buffer  (set occurrence_number = 100)  with  (      MAX_DISPATCH_LATENCY = 120 SECONDS,      MAX_MEMORY = 4 MB,      startup_state = on  )    

telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[missing_column_statistics]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[missing_join_predicate]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[server_memory_change]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[stretch_database_disable_completed]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[stretch_database_enable_completed]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[stretch_database_reauthorize_completed]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[stretch_index_reconciliation_codegen_completed]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[stretch_remote_column_execution_completed]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[stretch_remote_column_reconciliation_codegen_completed]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[stretch_remote_index_execution_completed]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[stretch_table_codegen_completed]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[stretch_table_alter_ddl]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[stretch_table_create_ddl]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[stretch_table_predicate_not_specified]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[stretch_table_predicate_specified]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[stretch_table_remote_creation_completed]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[stretch_table_row_migration_results_event]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[stretch_table_row_unmigration_results_event]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[stretch_table_data_reconciliation_results_event]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[stretch_table_unprovision_completed]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[stretch_table_validation_error]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[stretch_table_hinted_admin_update_event]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[stretch_table_hinted_admin_delete_event]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[stretch_table_query_error]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[temporal_ddl_system_versioning]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[temporal_dml_transaction_fail]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[temporal_ddl_period_add]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[temporal_ddl_period_drop]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[temporal_ddl_schema_check_fail]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[data_masking_ddl_column_definition]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[data_masking_traffic]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[data_masking_traffic_masked_only]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[always_encrypted_query_count]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[rls_query_count]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[auto_stats]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[database_cmptlevel_change]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[database_created]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[database_dropped]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[reason_many_foreign_keys_operator_not_used]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[column_store_index_build_low_memory]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[column_store_index_build_throttle]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[columnstore_delete_buffer_flush_failed]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[columnstore_delta_rowgroup_closed]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[columnstore_index_reorg_failed]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[columnstore_log_exception]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[columnstore_rowgroup_merge_failed]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[columnstore_tuple_mover_delete_buffer_truncate_timed_out]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[columnstore_tuple_mover_end_compress]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[query_memory_grant_blocking]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[natively_compiled_module_inefficiency_detected]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[natively_compiled_proc_slow_parameter_passing]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[xtp_alter_table]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[xtp_db_delete_only_mode_updatedhktrimlsn]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[xtp_stgif_container_added]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[xtp_stgif_container_deleted]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [xtpcompile].[cl_duration]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [xtpengine].[xtp_physical_db_restarted]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [xtpengine].[xtp_db_delete_only_mode_enter]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [xtpengine].[xtp_db_delete_only_mode_update]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [xtpengine].[xtp_db_delete_only_mode_exit]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [xtpengine].[parallel_alter_stats]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [xtpengine].[serial_alter_stats]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[json_function_compiled]  (  ACTION ([database_id])  )    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[string_escape_compiled]  (  ACTION ([database_id])  )    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[window_function_used]  (  ACTION ([database_id])  )    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[sequence_function_used]  (  ACTION ([database_id])  )    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [qds].[query_store_db_diagnostics]      
telemetry_xevents    alter event session telemetry_xevents on server state=start  
telemetry_xevents    drop event session telemetry_xevents on server    
telemetry_xevents    drop event session telemetry_xevents on server    
    create event session telemetry_xevents on server  ADD EVENT [sqlserver].[server_start_stop]  add target package0.ring_buffer  (set occurrence_number = 100)  with  (      MAX_DISPATCH_LATENCY = 120 SECONDS,      MAX_MEMORY = 4 MB,      startup_state = on  )    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[error_reported]  (  WHERE severity >= 16 or (error_number = 18456     or error_number = 17803 or error_number = 701 or error_number = 802 or error_number = 8645 or error_number = 8651      or error_number = 8657 or error_number = 8902 or error_number = 41354 or error_number = 41355 or error_number = 41367      or error_number = 41384 or error_number = 41336 or error_number = 41309 or error_number = 41312 or error_number = 41313)  )    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[missing_column_statistics]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[missing_join_predicate]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[server_memory_change]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[stretch_database_disable_completed]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[stretch_database_enable_completed]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[stretch_database_reauthorize_completed]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[stretch_index_reconciliation_codegen_completed]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[stretch_remote_column_execution_completed]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[stretch_remote_column_reconciliation_codegen_completed]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[stretch_remote_index_execution_completed]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[stretch_table_codegen_completed]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[stretch_table_alter_ddl]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[stretch_table_create_ddl]    
telemetry_xevents    ALTER EVENT SESSION [telemetry_xevents] ON SERVER  ADD EVENT [sqlserver].[stretch_table_predicate_not_specified]   

Here's a good one for you...

Windows Server 2012 Standard

I've just been checking the Windows Event viewer on the above Server.

I've noticed an audit failure every 10 seconds with my Security ID.

The Security event log item gives no other information that identifies the cause of the audit failure.

I have SSMS open but not connected to any server...

After some trial and error work it appears that SSMS is causing the issue!

I'm logged in, can connect fine to everything, so why the audit failure.

Many thanks in advance.

P

Hello, As we know that one can Backup the database using Password and Restore it through the password. Here the security is maintained for any database backup. But  by attaching any MDF and LDF files to any Database will breaks the security of database. And through this process any one can take the file from the give path or through Searching the extension file, and restore it to a new Database. Which is not at all secure. Is there any process to give security to accessing this file, or Ask for a password while doing attachment in the Database directly. From Amitabh Sahoo  mob 9853401802

Hello we have SQL Server 2008 with sp4 applied, was there an afterwards vulnerability listed as:

Microsoft SQL Server Remote Code Execution Vulnerability (MS15-058)

<u5:p></u5:p>And is KB3045311 https://www.microsoft.com/en-us/download/details.aspx?id=48006 the fix and should be applied or something else or is unable to fix?  Thanks in advance.

in the report server SQL run the query --> select Suser_sname()

it is still display the old AD username, 

how can fix/sync the problem?

Thanks.

Hello Forum

How can I find out what the Shared Network Location is for the Backups for the databases already in an Always On Availability Group?

Please click "Mark As Answer" if my post helped. Tony C.

Hello Forum

I'm trying to knock together a script for creating the db_executor role in all databases where the role currently does not exist.  Essentially I'm using a cursor, building the script and then executing it; however when exectuting I'm getting the error"

Msg 102, Level 15, State 1, Line 4

Incorrect syntax near 'GO'.

"

This is how I'm building the script: -

SET

@sqlCommand=(SELECT' USE ['+@DatabaseName+']'+char(10)+'GO'+char(10)+'CREATE ROLE db_executor'+char(10)+'GO'+char(10)+'GRANT EXECUTE TO db_executor'+char(10)+'GO')

EXEC

sp_executesql

@sqlCommand

I've tried using char(10) and char(13) for the line breaks.

This is the command I'm building: -

USE [Model]
GO
CREATE ROLE db_executor
GO
GRANT EXECUTE TO db_executor
GO

Please click "Mark As Answer" if my post helped. Tony C.

Hi can anyone please try to help me out this..

We have a SQL Job which runs every 10minutes, recently it's failing due to the following reason, don't know what's the exact reason is please see the below error message!

Executed as user: SQL\SQLAgent. Cannot initialize the data source object of OLE DB provider "SQL5" for linked server "192.15.1.255". [SQLSTATE 42000] (Error 7303)  OLE DB provider "SQL5" for linked server "192.15.1.256" returned message "Unable to complete login process due to delay in opening server connection". [SQLSTATE 01000] (Error 7412).  The step failed.

Thanks in advance..

DBA

Script to create Deny_backup database role in all databases in SQL server instance

Find the Database owner in that instance

and assign that DBO to Deny_backup role in all databases in that instance.